Each time XProtect retrieves remote recordings, then a sequence of Onvif messages are sent. Most of these messages require user authentication, typically by using HTTP Digest Authentication. Of all the messages related to Onvif Profile G services requests, no attempt is seen by Milestone to pre-emptively send an Authorization field in the HTTP header. This means that communication is very inefficient since for each request and response, instead of there being 2 messages, then there are 4 messages. Over a network link with small RTT (Round Trip Time) then this inefficiency is not noticed so much, but over network links with high RTT, e.g. a cellular modem link with high contention backhaul, then this does become noticeable.
I have attached a Wireshark of the communication.
I am using XProtect version 2024 R1 with a Professional+ Test Licence and Device Pack 13.2a. I am using the ONVIF driver.